CVE-2022-1138

Medium

Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the…

Chrome·CWE-1021·Published 2022-07-22

CVSS

6.5

EPSS

0.01

KEV

Exploits

Vendor statements (1)

security.gentoo.org

cve.orgen

223 chars

Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page.

NVDes

270 chars

Una implementación inapropiada de Web Cursor en Google Chrome versiones anteriores a 100.0.4896.60, permitía a un atacante remoto que hubiera comprometido el proceso de renderización ocultar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N